Report - transportdbn.com/americafirst.com

Report Overview

Visitedpublic

2024-06-08 02:06:33

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
transportdbn.com	unknown	2007-06-07	2019-06-09 04:41:45	2024-03-28 10:36:46	498 B	1.8 MB	41.185.8.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-06-08	medium	transportdbn.com/americafirst.com_DRTHUR.zip	Phishing Kit impersonating America First Credit Union

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

transportdbn.com/americafirst.com_DRTHUR.zip

IP / ASN

41.185.8.119

#36943 ZA-1-Grid

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size1.8 MB (1844994 bytes)

MD5c401e3b87432d8d6ca6df9971895522f

SHA173f4bdea95a384769a80d61336b09d5c9b1020e0

SHA256b89962074c9332e3886bf71f7a6e7b5d08a1b2d01055d78d5a285558d7cdbc3c

Archive (87)

Modified	Filename	Size	MD5	File type
2022-03-03 14:33	.htaccess	18 kB	2e7e70c7eb474af9e4230f744283c41b	ASCII text, with CRLF line terminators
2022-02-20 11:38	21d7d23b5082cfbd7662ecf888a9879cef5e3b6d.png	2.0 kB	ae659b5597c9500445cc6f80a4281459	PNG image data, 55 x 62, 8-bit/color RGBA, non-interlaced
2022-02-20 11:38	368f9486f1d69178fbf8bf2dcfbc491b23e4b261.png	3.6 kB	aa3ffca4509491de728b7f7e60a7ef63	PNG image data, 277 x 94, 8-bit/color RGBA, non-interlaced
2022-02-20 11:38	78bdeddcd621c8d0d38dce1c2bfedd9330602f96.png	2.9 kB	6265054874bcf3c370bef6bb64646fe9	PNG image data, 99 x 40, 8-bit/color RGBA, non-interlaced
2022-02-20 11:38	analytics.js	50 kB	d40531c5e99a6f84e42535859476fe35	JavaScript source, ASCII text, with very long lines (1325)
2022-02-20 11:38	app.48c40f3c.js	262 kB	6ffbc1e5af9b4dc5a88cb2c6b9c6e06f	JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
2022-02-20 11:38	app.76ff82e5.css	2.6 kB	45fdfaabff062b120c343417bdb06350	ASCII text, with very long lines (2555), with no line terminators
2022-02-20 11:38	AppMeasurement.min.js	34 kB	f259ee6445c19c2ce3c64a1b117a4f35	JavaScript source, ASCII text, with very long lines (32766)
2022-02-20 11:38	chunk-vendors.662cf618.js	615 kB	0f3027fecff81c3a1849907853850d4e	JavaScript source, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
2022-02-20 11:38	chunk-vendors.eab46e62.css	717 kB	fa58619b967a7b4a132981b548401f8d	Unicode text, UTF-8 text, with very long lines (60387)
2022-02-20 11:38	d4c16de980048679c0662f782e29945ab5125717.png	3.3 kB	cf4f20bf0af1f7b4b77126ac20180c2c	PNG image data, 250 x 54, 8-bit/color RGBA, non-interlaced
2022-02-20 11:38	favicon.ico	1.2 kB	5f0fb15bba173e0aa54bd6434418f8fe	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
2022-02-20 11:38	index_1.html	7.1 kB	cdb27a0a2c3b25c23454a4454c2c78d6	HTML document, ASCII text, with very long lines (550)
2022-02-20 11:38	launch-b0a09017373d.min.js	229 kB	c7075b0fa700c4806db450e8979452e6	JavaScript source, ASCII text, with very long lines (32756)
2022-02-20 11:38	logo-desktop-inverse.a3a99f3a.png	8.9 kB	a3a99f3aea38a0574c84d332fc5f871f	PNG image data, 390 x 134, 8-bit/color RGBA, non-interlaced
2022-02-20 11:38	roboto-latin-100.5cb7edfc.woff	20 kB	5cb7edfceb233100075dc9a1e12e8da3	Web Open Font Format, TrueType, length 20368, version 1.1
2022-02-20 11:38	roboto-latin-100.7370c367.woff2	16 kB	7370c3679472e9560965ff48a4399d0b	Web Open Font Format (Version 2), TrueType, length 15808, version 1.0
2022-02-20 11:38	roboto-latin-100italic.f8b1df51.woff2	17 kB	f8b1df51ba843179fa1cc9b53d58127a	Web Open Font Format (Version 2), TrueType, length 17008, version 1.0
2022-02-20 11:38	roboto-latin-100italic.f9e8e590.woff	22 kB	f9e8e590b4e0f1ff83469bb2a55b8488	Web Open Font Format, TrueType, length 21704, version 1.1
2022-02-20 11:38	roboto-latin-300.b00849e0.woff	20 kB	b00849e00f4c2331cddd8ffb44a6720b	Web Open Font Format, TrueType, length 20348, version 1.1
2022-02-20 11:38	roboto-latin-300.ef7c6637.woff2	16 kB	ef7c6637c68f269a882e73bcb57a7f6a	Web Open Font Format (Version 2), TrueType, length 15784, version 1.0
2022-02-20 11:38	roboto-latin-300italic.14286f3b.woff2	17 kB	14286f3ba79c6627433572dfa925202e	Web Open Font Format (Version 2), TrueType, length 17448, version 1.0
2022-02-20 11:38	roboto-latin-300italic.4df32891.woff	22 kB	4df32891a5f2f98a363314f595482e08	Web Open Font Format, TrueType, length 22204, version 1.1
2022-02-20 11:38	roboto-latin-400.479970ff.woff2	16 kB	479970ffb74f2117317f9d24d9e317fe	Web Open Font Format (Version 2), TrueType, length 15736, version 1.0
2022-02-20 11:38	roboto-latin-400.60fa3c06.woff	20 kB	60fa3c0614b8fb2f394fa29944c21540	Web Open Font Format, TrueType, length 20268, version 1.1
2022-02-20 11:38	roboto-latin-400italic.51521a2a.woff2	17 kB	51521a2a8da71e50d871ac6fd2187e87	Web Open Font Format (Version 2), TrueType, length 17324, version 1.0
2022-02-20 11:38	roboto-latin-400italic.fe65b833.woff	22 kB	fe65b8335ee19dd944289f9ed3178c78	Web Open Font Format, TrueType, length 21952, version 1.1
2022-02-20 11:38	roboto-latin-500.020c97dc.woff2	16 kB	020c97dc8e0463259c2f9df929bb0c69	Web Open Font Format (Version 2), TrueType, length 15872, version 1.0
2022-02-20 11:38	roboto-latin-500.87284894.woff	20 kB	87284894879f5b1c229cb49c8ff6decc	Web Open Font Format, TrueType, length 20464, version 1.1
2022-02-20 11:38	roboto-latin-500italic.288ad9c6.woff	22 kB	288ad9c6e8b43cf02443a1f499bdf67e	Web Open Font Format, TrueType, length 22020, version 1.1
2022-02-20 11:38	roboto-latin-500italic.db4a2a23.woff2	17 kB	db4a2a231f52e497c0191e8966b0ee58	Web Open Font Format (Version 2), TrueType, length 17316, version 1.0
2022-02-20 11:38	roboto-latin-700.2735a3a6.woff2	16 kB	2735a3a69b509faf3577afd25bdf552e	Web Open Font Format (Version 2), TrueType, length 15816, version 1.0
2022-02-20 11:38	roboto-latin-700.adcde98f.woff	20 kB	adcde98f1d584de52060ad7b16373da3	Web Open Font Format, TrueType, length 20356, version 1.1
2022-02-20 11:38	roboto-latin-700italic.81f57861.woff	22 kB	81f57861ed4ac74741f5671e1dff2fd9	Web Open Font Format, TrueType, length 21588, version 1.1
2022-02-20 11:38	roboto-latin-700italic.da0e7178.woff2	17 kB	da0e717829e033a69dec97f1e155ae42	Web Open Font Format (Version 2), TrueType, length 17020, version 1.0
2022-02-20 11:38	roboto-latin-900.9b3766ef.woff2	16 kB	9b3766ef4a402ad3fdeef7501a456512	Web Open Font Format (Version 2), TrueType, length 15712, version 1.0
2022-02-20 11:38	roboto-latin-900.bb1e4dc6.woff	20 kB	bb1e4dc6333675d11ada2e857e7f95d7	Web Open Font Format, TrueType, length 20392, version 1.1
2022-02-20 11:38	roboto-latin-900italic.28f91510.woff	22 kB	28f9151055c950874d2c6803a39b425b	Web Open Font Format, TrueType, length 22304, version 1.1
2022-02-20 11:38	roboto-latin-900italic.ebf6d164.woff2	18 kB	ebf6d1640ccddb99fb49f73c052c55a8	Web Open Font Format (Version 2), TrueType, length 17520, version 1.0
2022-02-21 15:29	actions.js	1.3 kB	bfef294446761f81225bda51229dfdad	JavaScript source, ASCII text, with CRLF line terminators
2018-08-11 13:03	loading.gif	39 kB	d10ef01e81faa2c2d812bdf670b4e072	GIF image data, version 89a, 200 x 200
2021-11-16 14:01	style.css	414 B	f9653fbeecf34b04791fee59eb3e253b	ASCII text, with CRLF line terminators
2020-09-19 17:41	anti1.php	2.9 kB	836978d77c5aab35c5a2b81b472c38a8	PHP script, ASCII text, with very long lines (1298), with CRLF line terminators
2020-09-19 17:41	anti2.php	1.6 kB	d65708ad4d4f87ddaf174f49d242c1e5	PHP script, ASCII text, with very long lines (1624), with CRLF line terminators
2020-09-19 17:41	anti3.php	4.2 kB	6199e211b647d35e3054acb9e7332990	PHP script, ASCII text, with very long lines (4182), with CRLF line terminators
2020-09-19 17:41	anti4.php	7.6 kB	8e990a922cc25ee751f2a596463b93eb	PHP script, ASCII text, with very long lines (7559), with CRLF line terminators
2020-09-19 17:41	anti5.php	6.0 kB	6f3eb98e962d54a0c1d8b7fa947120ad	PHP script, ASCII text, with very long lines (5981), with CRLF line terminators
2020-09-19 17:41	anti6.php	3.9 kB	95efa5a420953e5c4c6759efee1c291f	PHP script, ASCII text, with very long lines (2668)
2020-09-19 17:41	anti7.php	4.4 kB	a4f951fe6f09fea51aa0febe36f3a2f9	PHP script, ASCII text, with very long lines (2915), with CRLF line terminators
2020-09-19 17:41	anti8.php	8.7 kB	05e4cca41039847c80677dd89448eadf	PHP script, ASCII text, with CRLF line terminators
2021-01-06 13:26	index.php	239 B	2af74d30b091a31cefb14f47a49c9780	PHP script, ASCII text, with CRLF line terminators
2019-07-16 15:08	geoplugin.class.php	4.6 kB	f9f629f96e667ea9d9c36f22a3c5b8d7	PHP script, ASCII text, with CRLF line terminators
2022-03-23 10:31	grabber.php	143 B	d124ab159839d8937a7d2ac30a3f8ce2	PHP script, ASCII text, with CRLF line terminators
2022-03-23 09:29	process.php	2.3 kB	919eb4b1807b381bfc77de1af3f6c37b	PHP script, ASCII text, with CRLF line terminators
2022-03-23 09:34	process2.php	2.3 kB	3f85cf9da191a9fdc5eb67c68288a8c5	PHP script, ASCII text, with CRLF line terminators
2022-03-23 09:35	process3.php	2.3 kB	d2f74a2e873ca39060d99ac6a6ebb086	PHP script, ASCII text, with CRLF line terminators
2022-03-23 09:35	process4.php	2.3 kB	d2f74a2e873ca39060d99ac6a6ebb086	PHP script, ASCII text, with CRLF line terminators
2022-03-23 09:45	process6.php	2.4 kB	70a6d57d9033072c41a895a99541567e	PHP script, ASCII text, with CRLF line terminators
2022-03-05 16:32	index.html	31 kB	314523e17104b9064ff67f164883eaf4	HTML document, Unicode text, UTF-8 text, with very long lines (3970), with CRLF line terminators
2022-03-23 10:41	indexem.html	40 kB	da5c9ab0a5c0a0ef18c1ff7b3461a03f	HTML document, Unicode text, UTF-8 text, with very long lines (3412), with CRLF line terminators
2022-03-23 10:28	indexems.html	32 kB	6671d00ede60b1745de522a1e9fdbec7	HTML document, Unicode text, UTF-8 text, with very long lines (3970), with CRLF line terminators
2022-03-05 16:41	indexemss.html	32 kB	84def1a72ff5e04a143b019bb002f40f	HTML document, Unicode text, UTF-8 text, with very long lines (3412), with CRLF line terminators
2022-03-05 16:42	indexemsx.html	31 kB	f735172caad236073232eea4e50f3e90	HTML document, Unicode text, UTF-8 text, with very long lines (3412), with CRLF line terminators
2022-03-05 16:35	indexs.html	34 kB	646f474fd9ce020e2ce2e5f6ec91de98	HTML document, Unicode text, UTF-8 text, with very long lines (3970), with CRLF line terminators
2022-03-05 16:38	success.html	31 kB	7b32d3f35bd5780a0c9263b67999cbe8	HTML document, Unicode text, UTF-8 text, with very long lines (3412), with CRLF line terminators
2020-09-19 17:41	anti1.php	2.9 kB	836978d77c5aab35c5a2b81b472c38a8	PHP script, ASCII text, with very long lines (1298), with CRLF line terminators
2020-05-31 07:43	anti1a.php	5.7 kB	e2c12d05fafd6a301c08453f431e3b1e	PHP script, Unicode text, UTF-8 text, with very long lines (1667), with CRLF line terminators
2020-09-19 17:41	anti2.php	1.6 kB	d65708ad4d4f87ddaf174f49d242c1e5	PHP script, ASCII text, with very long lines (1624), with CRLF line terminators
2020-05-31 07:42	anti2a.php	2.3 kB	f4ee6806fd063abcedb8094a9e65829b	PHP script, Unicode text, UTF-8 text, with very long lines (1297), with CRLF line terminators
2020-09-19 17:41	anti3.php	4.2 kB	6199e211b647d35e3054acb9e7332990	PHP script, ASCII text, with very long lines (4182), with CRLF line terminators
2020-05-31 07:41	anti3a.php	4.9 kB	84c7e61662bb09a25e911057ad8378a1	PHP script, Unicode text, UTF-8 text, with very long lines (2775), with CRLF line terminators
2020-09-19 17:41	anti4.php	7.6 kB	8e990a922cc25ee751f2a596463b93eb	PHP script, ASCII text, with very long lines (7559), with CRLF line terminators
2020-05-31 07:40	anti4a.php	8.2 kB	ed3df9635567f87eb340190f5743c941	PHP script, Unicode text, UTF-8 text, with very long lines (5773), with CRLF line terminators
2020-09-19 17:41	anti5.php	6.0 kB	6f3eb98e962d54a0c1d8b7fa947120ad	PHP script, ASCII text, with very long lines (5981), with CRLF line terminators
2020-05-31 07:44	anti5a.php	6.7 kB	2b94ad6bc737010a5249264c88bcd44e	PHP script, Unicode text, UTF-8 text, with very long lines (5112), with CRLF line terminators
2020-09-19 17:41	anti6.php	3.9 kB	95efa5a420953e5c4c6759efee1c291f	PHP script, ASCII text, with very long lines (2668)
2019-04-01 16:39	anti6a.php	4.4 kB	8dab53ca654a0bfb785be53e28bc94ce	PHP script, Unicode text, UTF-8 text, with very long lines (2668)
2020-09-19 17:41	anti7.php	4.4 kB	a4f951fe6f09fea51aa0febe36f3a2f9	PHP script, ASCII text, with very long lines (2915), with CRLF line terminators
2019-04-01 16:39	anti7a.php	4.9 kB	1fa436f0fa798734317e2c79c8b57d06	PHP script, Unicode text, UTF-8 text, with very long lines (2915), with CRLF line terminators
2020-09-19 17:41	anti8.php	8.7 kB	05e4cca41039847c80677dd89448eadf	PHP script, ASCII text, with CRLF line terminators
2019-04-01 16:39	anti8a.php	9.3 kB	d13afbf02cb8e17365faae5e16213d10	PHP script, Unicode text, UTF-8 text, with CRLF line terminators
2020-07-20 10:03	blocker.php	2.6 MB	dbcdbde8f190efa1f3384eea9e522dc8	PHP script, ASCII text, with very long lines (381), with CRLF line terminators
2020-07-20 10:04	blocker2.php	1.4 kB	4bf98b2221c8075369d0ee9b69b5cf97	PHP script, ASCII text, with CRLF line terminators
2019-04-01 16:39	filter.php	5.5 kB	f6cce921e65e85d10209c59bacaddf91	PHP script, Unicode text, UTF-8 text
2021-01-06 13:26	index.php	239 B	2af74d30b091a31cefb14f47a49c9780	PHP script, ASCII text, with CRLF line terminators
2019-05-23 13:07	hostname_check.php	620 B	8b6dcd5973e8c31d66f12baf7bf39703	PHP script, ASCII text, with CRLF line terminators
2022-03-05 16:59	index.php	699 B	2f3a4fd4d37c99fe0d871d9a9debcb8b	PHP script, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
Phishing Kit YARA rules	phishing	Phishing Kit impersonating America First Credit Union
VirusTotal	malicious	VirusTotal - Scan result 23/64

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size